WPI Worcester Polytechnic Institute










Secure Architectures and Fault-Resilient Engines


Dr. Fernando C. Colon Osorio





"Fixed fortifications are monuments to the stupidity of man"   

General George Patton, Jr.


The research proposed under S.A.F.E. attempts to develop and prototype the first implementation of an Intrusion Detection and Countermeasure System (IDCS System), V1.0. S.A.F.E. was conceived in response to the increasing threats created by unauthorized access, or attempted unauthorized access, to an earlier eCommerce family of products and systems developed by the Acumen Consulting Group, called AcuShop™ (see www.acushop.com) and deployed commercially in 1999. The nature and source of the attacks experienced in the commercial deployment of AcuShop™ alerted the developers to the increasing dangers that such attacks entailed. Specifically, during a six-month period in FY 2000, close to 60% of all the Information Technology resources of one of the AcuShop™ customers were consumed thwarting attacks. The experiences of said customer reflect what the industry at large is encountering.

Undoubtedly, the security threat posed by individuals who use computer systems without authorization (“crackers”) to gain financial benefit represents the single most serious threat to the United States information systems infrastructure and the national economy. In the last five (5) years, the frequency and nature of attacks have grown exponentially; a similar experience was noted in the case of AcuShop™. Further, Avivah Litan, a financial analyst for research firm Gartner, estimates that fraud cost e-tailers $700 million in lost merchandise last year alone. A Gartner study also shows that 5.2 percent of online shoppers have been victimized by credit card fraud and 1.9 percent by identity theft. Further, in the last twelve months (see Table 1 below), at least six major break-ins have occurred, and the perpetrators have not been caught. This exponential growth in threats and break-ins (also known as intrusions, see below) is due in part to three major reasons. These are:


  1. The proliferation of inexpensive computers, coupled with the exponential growth of the WWW. The increase in the performance of the computing nodes in a network (1.8 GHz processors with 1 GB of primary storage for under $3K), coupled with the availability of an access path to the data from anywhere in the network, facilitates crackers' attacks;

  2. E-commerce companies during the dot-com boom, circa 1997-2001, rushed to deploy their sites online, giving little or no consideration to the problem of security. Their focus then was “capturing eyeballs” and not securing their sites. In effect, over the last five (5) years there has been an exponential growth in the number of sites holding financial data without an equivalent increase in security measures to thwart attacks; and

  3. In spite of the significant increase in the identification and elimination of software flaws, the corresponding increase in the complexity of software systems (e.g., Windows XP today is 40 MB) has actually made the problem worse. Furthermore, a recent study by CERT/CC and SecurityFocus.com [9] has shown that the rate at which new vulnerabilities easily exploitable by hackers appear is growing exponentially. Simply stated, the increased complexity and sheer size of modern operating systems result in an exponential increase in vulnerabilities.


Table 1. Unsolved Hacks - The people who stole credit card numbers from these major online merchants are still at large.

| | | What they stole; additional crimes |
|---|---|---|
| | Nov 2001 | Undisclosed number of credit card numbers; extortion |
| | Aug 2001 | Personal customer information; extortion |
| Western Union | Sep 2000 | 15,000 card numbers |
| | Dec 2000 | 55,000 card numbers exposed on the Web; extortion |
| | Dec 2000 | 3.7 million credit cards threatened* |
| CD Universe | Jan 2000 | 350,000 card numbers posted online; extortion |

* Egghead announced that a hacker had accessed its computer system, "potentially including (its) customer databases."

Source: CNET News.com research


The nature and cost of these threats have contributed to an increased focus on, and increased research and development in, both academia and industry on the design and implementation of systems that are immune to cracker attacks. More specifically, dating back to the early nineties, the study, research and development, and implementation of Intrusion Detection Systems (IDS) have become an essential element of the design of modern computer systems and applications.

In the next section we formally define Intrusion Detection Systems, establish both the strengths and weaknesses of current approaches to the problem, and suggest a new model to attack the problem. This new model, which we call an Intrusion Detection and Countermeasure system (IDC System), utilizes well-known solutions to a set of related problems, creating a fresh, practical approach.


Systems Security - CS525 - 191F
Spring 2003 - Tuesdays and Thursdays 12:30 to 14:00
Fall 2003


Talks @ PEDS

Intrusion Detection  & Countermeasures Systems - Part I

Intrusion Detection & Countermeasures System - Part II